I had a closer look at the sysctl() stuff. I was wondering how to
check values, so I looked at the existing code...
...and realized that in many cases the values passed are not checked
at all! Furthermore some routines could really have a on-line
comment.
I originally thought about writing a wrapper around the do_intverc
stuff to check values before they are written to the kernel. That
seemed messy.
I'd really like to see a more general framework that has the ability
to call a function (pointer) before and after a value has been set
(or read).
Another problem seems to be the orthogonality with the capability
model: Only the file permissions are used.
Locking: Without proper hooks, a global kernel lock would have to be
used (just to be safe).
I wonder whether the sysctl and do_intvercminmax could be rewritten
to be more modular and of general use. Writing special code with 80%
common for each variable to be set seems quite bad.
I seem unable to do that due to lack of time (in case you wanted to
ask).
Regards,
Ulrich
P.S. Remember I'm not subscribed here, so make sure I can read your
comments ;-)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/